Looks like you are applying the rules in Pre, Main and Post stage using firewall, i wonder what could be the requirement to apply the rules in different stages instead of creating a File resource, Service notify trigger using Exec iptables-restore, if you don't mind giving a little elaboration.
-Thanks On Saturday, March 10, 2012 8:13:14 AM UTC+5:30, Christian McHugh wrote: > > Thus far I've only been able to get puppet to run without making the >> firewall persistent. >> > > In the case of running the exec save-rules in the post: it's no good if > your hosts are at all dynamic since it only runs after the main stage. So > if you have an existing host, add another normal firewall rule, that rule > will get added on the next puppet run. But since the firewall drop rule > that exists in the post stage has already been pushed out, the post bits > never get called, and thus the firewall rules are not saved and your update > will be lost at boot. > > I'm hoping something happens in development since there has not been a new > revision in a little while and the github patches are stacking up. > > Cheers > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/qxPcfFsqKXsJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.